FileVault (whole disk encryption) must be enabled on all devices.
You must have a password on screensaver/sleep (not more than 15 minutes).
You must keep operating system and application updates current. For major OS upgrades please wait until the company has tested the upgrade and notified all team members before proceeding.
Don’t install software that might compromise network or computer security.
You must have long and unique passwords for each online account. These must be stored in the approved company password management system (LastPass) only.
You must not change either the primary user or the administrator account passwords on your company-supplied laptop.
Your primary user account (the one that you use to work from) must not have been set to default to administrator/root privileges.
Keep your laptop as physically secure as you would your wallet.
A passcode must be set on all mobile devices, including personal devices with access to company data, e.g. iPads, iPhones and smartphones.
You must not transfer or copy any company or client data to personal devices. The only exception to this is the use of personally owned mobile devices in line with this policy.
You must complete the monthly IT self-assessment checklist.
You must make sure that your desks are clear and any confidential info is either shredded or locked away.
It is our policy to:
Only print out what you need to and keep confidential or restricted paperwork out of sight locked in the provided cabinets overnight.
Make sure confidential paperwork is shredded and not put in normal waste bins.
Collect printed papers and do not leave them on the printers.
At the end of each day make sure information classified as confidential or restricted is locked away.
Only the authorised encrypted backup drives are permitted to be left on desks in the secure office overnight.
Close or minimise windows when you are not actively using them
Lock your computer when you leave your desk for any significant length of time.
To assist in implementing this policy all users will be trained as part of the general ISM awareness presentation.
For consistency, all staff must use a company provided MacOS-based laptop as their primary machine for work. You must not replace the operating system on your machine.
Use of the internet by employees is permitted and encouraged, where such use is appropriate for business purposes and supports the goals and objectives of GreenShoot Labs.
The employee social media policy must be adhered to.
You must not use the internet or company network for any illegal activity, including unauthorised access to other computer systems, or attempts at such unauthorised access. Attempts to cause failure of a machine are regarded as unauthorised access.
If you have been given an email or other access account, you must take reasonable steps to keep your password or other access token secure. There will be a presumption that actions carried out with your account were authorised by you.
The use of our network for the sending of unsolicited commercial email is strictly prohibited.
Company-provided resources, such as internet and network connections, email privileges, laptops and mobile devices, are intended to be used for business purposes and reasonable personal usage only. Employees should be aware that usage is monitored for unusual activity.
No attempt is made to monitor individual communications; however, correspondence via email is not guaranteed to be private. Use of the internet/intranet and email may be subject to monitoring for security and/or network management reasons.
Communications of a sensitive or confidential nature should not be sent unless they are encrypted. It should be made clear to recipients that opinions expressed by individuals are not necessarily those of the company. The company reserves the right to determine the suitability of this information.
The company may be required to access your laptop from time-to-time. We’ll tell you when we do this. Examples of reasons why we may need to do this include maintenance and support, data retrieval for business needs or if required by law enforcement.
We roll out major OS upgrades under a controlled schedule. You should not upgrade your Mac from one major version of MacOS to the next, until instructed to do so.
The following practices are considered unacceptable and may be subject to disciplinary action, including written warnings, revocation of access privileges, and, in extreme cases, termination of employment. The company also reserves the right to report any illegal activities to the appropriate authorities.
Visiting internet sites that contain obscene, hateful or otherwise objectionable materials; sending or receiving any material that is obscene or defamatory, or which is intended to annoy, harass or intimidate another person.
Wasting excessive time on non-company business.
Soliciting emails that are unrelated to business activities, or soliciting non-company business for personal gain or profit.
Representing personal opinions as those of the company.
Using the internet for gambling or illegal activities.
Making or posting indecent materials. Disseminating information that is likely to cause offence.
Uploading, downloading or otherwise transmitting, commercial software or copyrighted material in violation of its copyright.
Downloading any software or electronic files without adhering to virus protection measures that have been approved by the company.
Revealing or publicising confidential or proprietary information which includes, but is not limited to, financial information, new business and product ideas, marketing strategies and plans, company databases and the information contained therein, customer lists, technical product information, computer software source codes, computer network access codes and details of business partnerships.
When returning equipment, for example if you are leaving GreenShoot Labs, you should not remove any company data from it. This means that neither your laptop nor backup disk should be erased, including previous versions from your backup disk.
The company will archive data on all staff machines after they are no longer in use, for a period of at least one month before data is destroyed. We will only access this data in line with our full guidelines above.